package demo.security.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class LoginController {

  /**
   * 认证流程演示：
   *
   * 账号：zhangsan
   * 密码：123   (user表中的password是已加盐的MD5编码结果)
   */
  @PostMapping("/login")
  public String login(String username,String password) {
    try{
      Subject subject = SecurityUtils.getSubject();
      UsernamePasswordToken upToken = new UsernamePasswordToken(username, password);
      subject.login(upToken);
      return "登录成功";
    }catch (Exception e) {
      return "用户名或密码错误";
    }
  }
}
